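<?php
// Handler for the admin action form: starts the session, loads the site
// constants and opens the MySQL connection that every action below uses.
//
// NOTE(review): nothing visible on this page checks that the session belongs
// to an authenticated administrator, or validates an anti-CSRF token, before
// the $_POST-driven actions below run. Confirm that this is enforced elsewhere;
// if it is not, the check belongs here, ahead of any database or mail call.
//
// NOTE(review): the mysql_* extension used throughout was removed in PHP 7.
// Moving to mysqli or PDO with prepared statements is the durable fix for the
// string-built queries on this page.
session_start();

// require rather than include: without the constants there is nothing sensible
// to connect to, so stop instead of carrying on with undefined names.
require "constants.php";

$dates = date_create(CUTOFFS);
$cutoffdates = date_format($dates, "m/d/Y");
$displays = SHOWOFFS;
$INITIALS = SPOINT;

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

if (!$link) {
    // The driver's error text can name the database host and account, so it
    // goes to the server log and the client only sees a generic message.
    error_log('Could not connect: ' . mysql_error());
    die('Could not connect');
}

// A failed database selection used to be ignored, leaving every later query to fail silently.
if (!mysql_select_db(DB_NAME, $link)) {
    error_log('Could not select database: ' . mysql_error($link));
    die('Could not connect');
}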

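// Action selector posted by the admin form. It is forced to an integer because
// it is compared loosely below and is also written into SQL as the PID value;
// a missing or non-scalar field becomes 0, which matches no action.
$FinalStatus = (isset($_POST["m_status"]) && is_scalar($_POST["m_status"]))
    ? (int) $_POST["m_status"]
    : 0;

// Action 1: update the promotion (coupon) rate.
if ($FinalStatus === 1) {
    $rate = isset($_POST['rate']) ? $_POST['rate'] : '';

    // The posted rate is escaped for the connection instead of being
    // interpolated into the statement as-is.
    $updatecoupon = "UPDATE Promotion SET Rate='" . mysql_real_escape_string($rate, $link)
        . "' WHERE PID=" . $FinalStatus;
    $udpated = mysql_query($updatecoupon, $link);
}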

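// Action 2: create an employee login row in AdminTables.
if ($FinalStatus == 2) {
    $loginId = isset($_POST['loginID']) ? $_POST['loginID'] : '';
    $roles = isset($_POST['roles']) ? $_POST['roles'] : '';

    // NOTE(review): every new account receives the same fixed initial password,
    // stored as an unsalted MD5 digest. It is left unchanged here because the
    // login code that verifies it is not visible on this page; the fix is a
    // random one-time password plus password_hash()/password_verify(), changed
    // together with that login code.
    // NOTE(review): the role is stored as an MD5 digest as well. A digest of a
    // small set of role names is not a secret; confirm why it is hashed.
    $EmPID = "INSERT INTO AdminTables (`UserName`, `Password`, `Roles`) VALUES('"
        . mysql_real_escape_string($loginId, $link) . "',md5('12345678'),md5('"
        . mysql_real_escape_string($roles, $link) . "'))";
    $EMPIDUp = mysql_query($EmPID, $link);
}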

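// Action 3: send a free-form email composed in the admin form.
if ($FinalStatus == 3) {
    // CR, LF and NUL are removed from every value that ends up on a header
    // line; otherwise a posted value could add headers or recipients of its own.
    $lineBreaks = array("\r", "\n", "\0");

    $TO = str_replace($lineBreaks, '', isset($_POST['TOS']) ? $_POST['TOS'] : '');
    $CC = str_replace($lineBreaks, '', isset($_POST['CCS']) ? $_POST['CCS'] : '');
    $BCC = str_replace($lineBreaks, '', isset($_POST['BCCS']) ? $_POST['BCCS'] : '');
    $subject = str_replace($lineBreaks, '', isset($_POST['SUBJECT']) ? $_POST['SUBJECT'] : '');
    $from = str_replace($lineBreaks, '', isset($_POST['FROM']) ? $_POST['FROM'] : '');

    // The body may keep its line breaks; it is only wrapped at 70 columns.
    $message = wordwrap(isset($_POST['contents']) ? $_POST['contents'] : '', 70);

    // NOTE(review): sender, recipients and body all come from the request, so
    // this action must only be reachable by authenticated staff. That check is
    // not visible on this page; confirm it exists.
    $headers = "From: " . $from . "\r\n";
    $headers .= "Reply-To: " . $from . "\r\n";
    $headers .= "Return-Path: " . $from . "\r\n";
    // Empty CC/BCC headers are left out rather than sent blank.
    if ($CC !== '') {
        $headers .= "CC: " . $CC . "\r\n";
    }
    if ($BCC !== '') {
        $headers .= "BCC: " . $BCC . "\r\n";
    }

    mail($TO, $subject, $message, $headers);
}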
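// Action 4: update the maximum allowed cost for one province.
if ($FinalStatus == 4) {
    $cost = isset($_POST['mcost']) ? $_POST['mcost'] : '';
    $provinceId = isset($_POST['m_pid']) ? $_POST['m_pid'] : '';

    // Both posted values are escaped before they are placed in the statement.
    $updatecost = "UPDATE ProvinceRates SET Rates='" . mysql_real_escape_string($cost, $link)
        . "' WHERE PID='" . mysql_real_escape_string($provinceId, $link) . "'";
    $udpated = mysql_query($updatecost, $link);
}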
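// Action 5: set NewApp to '3' for one application (reported to the user as
// "PAD has been set up" by the confirmation cell further down).
if ($FinalStatus == 5) {
    $accountId = isset($_POST['UAccID']) ? $_POST['UAccID'] : '';

    // The account id is escaped before it is placed in the WHERE clause.
    $updatecost = "UPDATE Applications SET NewApp='3' WHERE AccountID='"
        . mysql_real_escape_string($accountId, $link) . "'";
    $udpated = mysql_query($updatecost, $link);
}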
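// Action 6: set NewApp to '2' for one application (reported to the user as
// "repayment has been paid" by the confirmation cell further down).
if ($FinalStatus == 6) {
    $accountId = isset($_POST['UAccID']) ? $_POST['UAccID'] : '';

    // The account id is escaped before it is placed in the WHERE clause.
    $updatecost = "UPDATE Applications SET NewApp='2' WHERE AccountID='"
        . mysql_real_escape_string($accountId, $link) . "'";
    $udpated = mysql_query($updatecost, $link);
}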

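// Action 7: email the applicant behind an account one of two canned requests.
// SUBJECT selects the text (1 or 2); any other value sends nothing.
if ($FinalStatus == 7) {
	$subject = isset($_POST['SUBJECT']) ? $_POST['SUBJECT'] : '';
	// AccountID is written into the query unquoted, so it is forced to an integer first.
	$AID = isset($_POST['TOAccount']) ? (int) $_POST['TOAccount'] : 0;

	$sql = "SELECT PR.FirstName as FirstName,PR.Email as EMAILS FROM Applications AP LEFT JOIN Profiles PR ON AP.ProfileID=PR.ProfileID
		WHERE AP.AccountID = $AID";
	$results = mysql_query($sql, $link);
	// A failed query or an unknown account yields no row; nothing is mailed then.
	$rowPR = $results ? mysql_fetch_array($results) : false;

	$emails = '';
	$names = '';
	if ($rowPR) {
		// The stored address is used as the recipient header, so line breaks are stripped from it.
		$emails = str_replace(array("\r", "\n"), '', $rowPR['EMAILS']);
		$names = $rowPR['FirstName'];
	}

	if ($subject == 1) {
		$subject = "Loan Application";
		$message = "Dear ".$names.
		",\n\n Please provide your online security questions for the approval process.
		\n\n Thanks for your cooperation!\n\n Thank you for choosing www.cash2u.ca!\n\n Cash2u.ca appreciates your business!\n\n";
	} else if ($subject == 2) {
		$subject = "Loan Application";
		$message = "Dear ".$names.
		",\n\n Either your card number or your online password is invalid, can you please double check these information and provide the correct ones?.
		\n\n Thanks for your cooperation!\n\n Thank you for choosing www.cash2u.ca!\n\nCash2u.ca appreciates your business!\n\n";
	} else {
		$subject = "3";
		$message = null;
	}

	// Send only when a template was selected and the lookup produced an address.
	if ($message !== null && $emails !== '') {
		mail($emails, $subject, wordwrap($message, 70), "From:customerservicessupport@cash2u.ca");
	}
}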
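// Action 8: set one column of an Applications row. SUBJECT carries the column
// name, FROM the new value, TOAccount the account number before the SPOINT offset.
if ($FinalStatus == 8) {
	$items = isset($_POST['SUBJECT']) ? $_POST['SUBJECT'] : '';
	// Integer cast plus the arithmetic leaves $AID numeric, so it is safe to place in the query.
	$AID = (isset($_POST['TOAccount']) ? (int) $_POST['TOAccount'] : 0) + $INITIALS;
	$itemvalues = isset($_POST['FROM']) ? $_POST['FROM'] : '';

	// A column name cannot be escaped like a value, so only a plain identifier
	// is accepted and it is backtick-quoted; anything else skips the update.
	// NOTE(review): this still lets the caller pick any column of the table.
	// An explicit list of the columns staff may edit is the stronger control.
	if (is_string($items) && preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $items)) {
		$updateApp = "UPDATE Applications SET `$items` ='" . mysql_real_escape_string($itemvalues, $link)
			. "' WHERE AccountID='$AID'";
		$udpatedAPP = mysql_query($updateApp, $link);
	}
}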
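// Action 10: maintain the HOLIDAYS table. holidayaction selects the operation:
// 1 = add a row, 2 = change the row whose NAMES equals holidayid, 3 = delete it.
if ($FinalStatus == 10) {
	$holidayaction = isset($_POST['holidayaction']) ? $_POST['holidayaction'] : '';
	// Every posted value is escaped before it is placed inside a quoted SQL literal.
	$holidayid = mysql_real_escape_string(isset($_POST['holidayid']) ? $_POST['holidayid'] : '', $link);

	if ($holidayaction == 1) {
		$holidayshorts = mysql_real_escape_string(isset($_POST['holidayshorts']) ? $_POST['holidayshorts'] : '', $link);
		$holidaylongs = mysql_real_escape_string(isset($_POST['holidaylongs']) ? $_POST['holidaylongs'] : '', $link);
		$sql = "INSERT INTO HOLIDAYS (`NAMES`, `DATES`) VALUES('$holidayshorts','$holidaylongs')";
		$result = mysql_query($sql, $link);
	} else if ($holidayaction == 2) {
		$holidayshorts = mysql_real_escape_string(isset($_POST['newholidayshorts']) ? $_POST['newholidayshorts'] : '', $link);
		$holidaylongs = mysql_real_escape_string(isset($_POST['newholidaylongs']) ? $_POST['newholidaylongs'] : '', $link);
		$sql = "UPDATE HOLIDAYS SET NAMES='$holidayshorts', DATES='$holidaylongs' WHERE NAMES= '$holidayid'";
		$result = mysql_query($sql, $link);
	} else if ($holidayaction == 3) {
		$sql = "DELETE FROM HOLIDAYS WHERE NAMES= '$holidayid'";
		$result = mysql_query($sql, $link);
	}
}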

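// Action 11: maintain the HOURS table. officeaction selects the operation:
// 1 = add a row, 2 = change the row whose START equals officeid, 3 = delete it.
if ($FinalStatus == 11) {
	$officeaction = isset($_POST['officeaction']) ? $_POST['officeaction'] : '';
	// Every posted value is escaped before it is placed inside a quoted SQL literal.
	$officeid = mysql_real_escape_string(isset($_POST['officeid']) ? $_POST['officeid'] : '', $link);

	if ($officeaction == 1) {
		$officeshorts = mysql_real_escape_string(isset($_POST['officeshorts']) ? $_POST['officeshorts'] : '', $link);
		$officelongs = mysql_real_escape_string(isset($_POST['officelongs']) ? $_POST['officelongs'] : '', $link);
		$sql = "INSERT INTO HOURS (`START`, `CLOSE`) VALUES('$officeshorts','$officelongs')";
		$result = mysql_query($sql, $link);
	} else if ($officeaction == 2) {
		$officeshorts = mysql_real_escape_string(isset($_POST['newofficeshorts']) ? $_POST['newofficeshorts'] : '', $link);
		$officelongs = mysql_real_escape_string(isset($_POST['newofficelongs']) ? $_POST['newofficelongs'] : '', $link);
		$sql = "UPDATE HOURS SET START='$officeshorts', CLOSE='$officelongs' WHERE START= '$officeid'";
		$result = mysql_query($sql, $link);
	} else if ($officeaction == 3) {
		$sql = "DELETE FROM HOURS WHERE START= '$officeid'";
		$result = mysql_query($sql, $link);
	}
}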

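// Action 12: set one column of the Profiles row that belongs to an account.
// SUBJECT carries the column name, FROM the new value, TOAccount the account
// number before the SPOINT offset.
if ($FinalStatus == 12) {
	$items = isset($_POST['SUBJECT']) ? $_POST['SUBJECT'] : '';
	// Integer cast plus the arithmetic leaves $AID numeric, so it is safe unquoted below.
	$AID = (isset($_POST['TOAccount']) ? (int) $_POST['TOAccount'] : 0) + $INITIALS;
	$itemvalues = isset($_POST['FROM']) ? $_POST['FROM'] : '';

	$sql = "SELECT ProfileID FROM Applications WHERE AccountID = $AID";
	$results = mysql_query($sql, $link);
	// A failed query or an unknown account yields no row; the update is skipped then.
	$rowPR = $results ? mysql_fetch_array($results) : false;

	// A column name cannot be escaped like a value, so only a plain identifier
	// is accepted and it is backtick-quoted.
	// NOTE(review): this still lets the caller pick any column of the table.
	// An explicit list of the columns staff may edit is the stronger control.
	if ($rowPR && is_string($items) && preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $items)) {
		$ProfileIDA = $rowPR['ProfileID'];

		// The stored ProfileID is escaped too: data read back from the
		// database is not trusted inside a new statement either.
		$updateApp = "UPDATE Profiles SET `$items` ='" . mysql_real_escape_string($itemvalues, $link)
			. "' WHERE ProfileID='" . mysql_real_escape_string($ProfileIDA, $link) . "'";
		$udpatedAPP = mysql_query($updateApp, $link);
	}
}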

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Cash2u.ca: Payday Loan and Cash Advance Application process</title>
<META NAME="Description" CONTENT="Cash2u.ca offers online payday loans and cash advance for Canadians">
<script type="text/javascript">
	window.open('', '_self', ''); window.setTimeout("window.close()", 3000);
</script>
</head>
<body>
<div id="maincontainer">

        <form method="post" action="">
	<table>	
	<tr>
<?php
// Confirmation cell for the requested action; at most one of these renders.
// Each cell is chosen by $FinalStatus alone, so it is shown whether or not the
// query or mail call above succeeded. Actions 10 and 11 have no cell here.
if ($FinalStatus == 1): ?>
	<td width="740" align="left">Coupon has been updated</br></br></td>
<?php endif; ?>

<?php if ($FinalStatus == 2): ?>
	<td width="740" align="left">New Employee LoginID has been created, Please change your password immediately</br></br>
	</td> 
<?php endif; ?>

<?php if ($FinalStatus == 3): ?>
	<td width="740" align="left">Email has been sent out successfully
		</td> <?php endif; ?>

<?php if ($FinalStatus == 4): ?>
	<td width="740" align="left">Selected Province Maximum Allowed Cost has been updated
		</td> <?php endif; ?>
<?php if ($FinalStatus == 5): ?>
	<td width="740" align="left">Approved Applicant PAD has been set up completely
		</td> <?php endif; ?>

<?php if ($FinalStatus == 6): ?>
	<td width="740" align="left">Applicant repayment has been paid completely
		</td> <?php endif; ?>

<?php if ($FinalStatus == 7): ?>
	<td width="740" align="left">Query Email has been sent out
		</td> <?php endif; ?>

<?php if ($FinalStatus == 8): ?>
	<td width="740" align="left">Item has been updated 
		</td> <?php endif; ?>

<?php if ($FinalStatus == 12): ?>
	<td width="740" align="left">Item has been updated 
		</td> <?php endif; ?>

		</tr>

	</table>

	</form>
	
	
</div>
</body>
</html>